Node Self-Configuration And Operation In A Wireless Network

ABSTRACT

A device performs a self-configure process for operations in a managed network to allocate a network address for the device by determining if the device will operate as a gateway of the managed network, obtaining a network address for communication with external devices outside of the managed network in response to determining that the device will operate as a gateway, scanning for neighbor devices operating in the managed network and maintaining a database of neighbor devices located in the scanning, and selecting a managed network to join based on the database of neighbor devices in response to determining that the device will operate as a node.

CROSS-REFERENCES TO RELATED APPLICATIONS

This application claims the benefit of U.S. Provisional Application Ser. No. 60/892,437 entitled “Node Self-Configuration and Operation in a Wireless Network” by Sanjit Biswas et al., filed Mar. 1, 2007, and the benefit of the following co-pending U.S. Provisional Applications: entitled “System and Method For Hosted Network Management”, by S. Biswas, et al., Ser. No. 60/892,432, filed Mar. 1, 2007; entitled “Client Operation for Network Access” by Thomer M. Gil et al., Ser. No. 60/892,440, filed Mar. 1, 2007; entitled “System and Method for Remote Monitoring and Control of Network Devices” by S. Biswas et al., Ser. No. 60/892,443, filed Mar. 1, 2007; entitled “Client Addressing and Roaming in a Wireless Network” by Thomer M. Gil et al., Ser. No. 60/892,449, filed Mar. 1, 2007. Priority of the filing dates is hereby claimed, and the disclosures of the Provisional Applications are hereby incorporated by reference.

BACKGROUND

Wireless mesh networks include at least one node that connects to a wide area network (WAN) and one or more wireless access points comprising nodes of the mesh network that communicate with each other, at least one of which communicates with the wide area network node. The WAN can comprise, for example, the Internet, and the WAN node typically comprises a cable interface (cable modem) or DSL interface or the like, and the wireless access points typically comprise wireless routers and the like. Wireless mesh networks are convenient because they can be implemented with little or no effort to provide infrastructure. For example, it is generally not necessary to install additional cabling for access to the wide area network. Once a connection to the WAN is provided, the additional wireless access points can be configured to communicate and thereby provide network access whose geographic coverage is theoretically limited only by the distribution of the wireless access points of the mesh network.

In practical terms, network management of such mesh networks can be very complicated and can require a relatively high level of skill in network communications and protocols. A mesh network owner typically has ownership of the mesh network nodes and usually has responsibility for ensuring access to the WAN through the WAN node. The mesh network owner generally receives WAN access through a subscription arrangement with a provider, such as an Internet service provider (ISP). To initiate network communications with the WAN, the WAN node must be properly configured by the network owner with service parameters of the ISP. Once network access is established to the WAN, the network owner must configure each of the wireless access points. Such configuration is not a trivial task. The configuration process can involve knowledge of the hardware and software configuration of the mesh network devices, as well as familiarity with network configuration and addresses, security settings, network protocols, hardware configuration, and encryption algorithms. Determining the needed information and determining the process for providing such information to appropriate vendors, and actually entering such information, can be complicated and time consuming.

Even after the mesh network has been set up and configured, the actual management and maintenance of the network can be even more complicated and time consuming. Clients that want to use the mesh network must be identified to the WAN node, allocated a network address, and initiate gaining access. The network nodes (routers) must be maintained for proper configuration and performance. Network conditions must be monitored for proper functioning and to identify performance issues, such as bandwidth availability and quality of service. Other management tasks, such as account management, user information, and access control and billing, must be performed.

A variety of network management tools are available to assist with the concerns described above. Conventional tools, however, generally address only limited aspects of the mesh network environment. Configuring the mesh network nodes can still be a complicated task that usually requires determining input parameters for the network that is being implemented and entering the parameters. Adding a network node also can be a complicated task that requires repeating many of the steps performed in setting up the network initially. Because such configuration tasks must be repeated for each network node, such configuration techniques do not scale well and severely limit the practical size of networks implemented in this fashion.

Thus, there is a need for more convenient setup, configuration, and maintenance of network nodes in wireless mesh networks. The present invention satisfies this need.

SUMMARY

Described herein is a self-configure process for a device such that the device can operate in a managed network. In accordance with the self-configuration, the device is allocated a network address by determining if the device will operate as a gateway of the managed network, obtaining a network address for communication with external devices outside of the managed network in response to determining that the device will operate as a gateway, scanning for neighbor devices operating in the managed network and maintaining a database of neighbor devices located in the scanning, and selecting a managed network to join based on the database of neighbor devices in response to determining that the device will operate as a node. In this way, more convenient setup, configuration, and maintenance of network nodes in wireless mesh networks is provided.

Other features and advantages of the present invention should be apparent from the following description of the preferred embodiments, which illustrate, by way of example, the principles of the invention.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram representation of a hosted network 100 constructed in accordance with the invention.

FIG. 2 is a flowchart that illustrates processing of the network in the FIG. 1 system.

FIG. 3 is a flowchart that illustrates processing of a node in the FIG. 1 system.

FIG. 4 is a diagram showing the probe request packet configuration for a message sent by the node.

FIG. 5 is a diagram showing the probe response packet configuration for a message sent by the node.

FIG. 6 is a diagram showing the probe response payload configuration for the probe response packet of FIG. 5.

FIG. 7 is a diagram showing the Meraki Info field of the probe response payload of FIG. 6.

FIG. 8 is a management tool screenshot of a configuration view provided by the host illustrated in FIG. 1.

DETAILED DESCRIPTION

A. Hosted Network

FIG. 1 is a block diagram representation of a hosted network 100 constructed in accordance with the invention. The hosted network 100 includes a host 102 that communicates over a network infrastructure 104, such as the Internet, with multiple communication devices 106, 108. The communication devices include network traffic devices 106, such as access points or routers, and client devices 108, such as laptop computers, desktop computers, and portable computing devices, all of which are capable of communicating with each other using a network communications protocol specification. In FIG. 1, particular communication devices 106, 108 are designated with a letter suffix (“a”, “b”, etc.). Particular devices will be referenced by their respective suffix 106 a, 106 b, 106 c and 108 a, 108 b, . . . , 108 f. References to the devices 106, 108 without their particular suffix will be understood to be a reference to the group collectively.

All of the devices 106, 108 are capable of communicating with each other over a wireless network communications protocol specification, such as the 802.11x family specification of the IEEE, also referred to as “wireless broadband” or “WiFi”. The devices 106, 108 define a managed network 110 whose member devices communicate with the host computer 102, also referred to as the backend server. The managed network 110 includes component local mesh networks that are identified with a letter suffix (“a” or “b”) so that references to the local networks without their suffix are references to the local networks collectively as the managed network. When it is necessary to refer to a particular local network 110 a, 110 b, the suffix identifier will be used.

The traffic devices 106 in FIG. 1 that are designated as gateways 106 a, 106 c serve as an interface between the WAN (Internet) 104 and their respective local wireless mesh networks 110 a, 110 b. FIG. 1 shows each gateway as having an interface device 111 interposed between itself and the Internet 104. That is, the interface device is upstream of the gateway. Those skilled in the art will understand details of such devices, which may comprise cable modems, DSL interfaces, and the like. Alternatively, the interface may be incorporated into the gateway device rather than being a separate component. Each gateway provides an interface between its respective mesh network and the Internet. For example, the gateway 106 a is the Internet interface for the mesh network 110 a comprising 106 a and client 108 c, client 108 d, client 108 e, and client 108 f. The gateway 106 b is the Internet interface for the mesh network 110 b comprising gateway 106 b, node 106 c, client 108 a, and client 108 b. The gateways 106 a, 106 b communicate with the host 102 of the managed network and perform network address translation (NAT) functions for the devices 106, 108 within their respective managed networks 110 a, 110 b.

The mesh network 110 is operated under the control of a network owner 112, who can access management tools through a network portal interface of the host 102. Therefore, the network owner 112 is illustrated in FIG. 1 as being connected to the Internet 104, whereby the network owner using a computer or similar device can access a Web portal at the host 102 via a conventional Web browser. For the discussion herein, a reference to a “managed network” will be understood to be a reference to a local network having network traffic devices that operate according to the description and drawings herein under management of a network owner 112 through a service portal of the host 102.

The gateway devices 106 a, 106 b are also capable of network communications via a wired connection, such as Ethernet. The clients 108 can also have this dual capability. Thus, the managed networks 110 a, 110 b can include devices that are capable of communicating over both wired connections and wireless connections. In this discussion, the traffic devices 106 will also be referred to as routers or nodes of the managed networks. Thus, nodes as used herein comprise devices that can communicate over the managed networks 110 and can send data messages from other nodes toward destinations outside of the managed network, such as over the Internet 104 toward the host 102.

FIG. 1 shows that the network traffic devices (nodes) 106 can be provided with the ability to communicate with external networks that are outside of any of the managed networks 110. Thus, a dotted line represents a connection from the second gateway 106 b to an external network 120. The external connection between the two 106 b, 120 can comprise a wired connection or a wireless connection. The external network can comprise a connection to the Internet or a local network that does not share the client addressing scheme of the managed networks 110 a, 110 b and therefore comprises a heterogeneous network relative to the managed networks.

B. Network Setup

The network traffic devices 106 are configured so as to operate in accordance with the present invention for self-configuration and communication with the host 102. The devices 106 can be configured, for example, with special operating software and/or firmware. Before the mesh network is initially deployed or launched, the network owner 112 completes a registration process with the host 102. For example, the host may provide management tools and reporting information to the network owner on a subscription basis. The registration ensures that appropriate contact and billing information concerning the network owner 112 is obtained by the host 102.

As part of the registration process, the network owner will indicate the number of traffic devices 106 that will be deployed. The network owner typically will provide the geographic location where each traffic device will be located, such as by providing a street address and potentially other more specific information, such as office number or apartment number. The network traffic devices 106 a, 106 b, 106 c can be delivered to the network owner as configured devices with memory of each device containing its respective location information as received from the network owner during registration. Alternatively, the devices themselves could be provided with location-determining components to self-report their location, such as GPS-based mechanisms and the like. In another alternative embodiment, the registration process could be performed by the network owner through a suitable user interface, whereby the network owner can provide the location of each device. The latter implementation, however, requires greater involvement and skill on the part of the network owner, as compared with delivering fully configured devices to the network owner.

After the registration information is received from the network owner and the number of devices to be deployed is known, the host provides the requested number of traffic devices to the network owner, with each device configured as noted herein for self-configuration and reporting. Upon receiving the configured traffic devices, the network owner can set about deploying them as planned. As each device is physically placed in a geographic location and power is applied, the device will perform self-configuration, as described below in conjunction with FIG. 2.

C. Network Operation

FIG. 2 is a flowchart that illustrates operation of the network in accordance with the invention. As described further below, each node device 106 upon start up carries out operations that comprise self-configuration processing, by which the node device becomes part of the mesh network 110 (see FIG. 1). In the first network operation, represented by the FIG. 2 flow diagram box numbered 202, a node device authenticates with the hosted network service at the network host. The node device can comprise one of the gateways or nodes. Those skilled in the art will understand that the authentication process 202 involves a connection message that comprises a request from the node device for a network address in the managed network 110. More particularly, the request is for an internal network address for communications within the mesh network 110. In the illustrated embodiment, the connection message is sent with the username set to the device MAC address as described herein and the password is set to the serial number of the router that is being authenticated. Also at box 202, the host determines if the requesting node device is associated with device registration data in the managed network that identifies a network owner and, if the requesting node device is a registered device, then the host returns a network address allocation message to the requesting node device. This operation completes a self-configuring process of the node device for communications with the network host and establishes the hosted network associated with the identified network owner.

Additional authentication processing at box 202 involves the host periodically receiving authentication messages from the node device such that the network host can determine a mapping of the network address to the registered device. The host responds to the authentication message with an acknowledgement message. The acknowledgement message maintains a persistent network connection path from the network host to the node device. At box 208, the network host and node device participate in sending and receiving encapsulated packet messages, the encapsulated packet messages comprising packet messages of the message protocol appended with header information of the hosted network. The network host, at box 210, retrieves message data from encapsulated packet messages it receives from the node device and performs network management operations to provide the management tools. As noted above, the management tools are provided via a user management interface such as a Web portal that is accessed by the identified network owner through a conventional Web browser. At box 212, the network owner accesses the network management tools via the Web portal that is provided by the host.

D. Node Operation

Upon startup, a node device can either configure itself as a gateway via a wired connection to the Internet, or the node device can join an existing network of nodes and communicate with the nodes in the network via multi-hop forwarding. A node will first perform the connection and address allocation operations 202, 204 described above with reference to FIG. 2. To automatically configure itself, a node must perform the following high-level tasks: (1) determine whether it is a gateway (via a DHCP request), (2) perform a scan via wireless communication to discover surrounding access points, (3) use the results from the scan to determine the node's behavior as a gateway or to determine which existing network to join, and (4) derive an IP address to be used within the mesh network 110.

The operation of a traffic device upon start or application of power will be understood with reference to the description below and to the flowchart of FIG. 3, which illustrates the operation of a node in the mesh network 110.

1. Node Configuration on Bootup

Initially, a node device must determine whether it should behave as a gateway or join an existing network. To do so, the node device must (1) initialize its Ethernet interface through a wired connection, or (2) attempt to obtain an IP address (used to address the node outside of the mesh) by broadcasting its MAC address (hardware ID) in a DHCP request over Ethernet. The decision box 302 in FIG. 3 shows that the device initially scans for surrounding wireless access points to see which channels are in use and which channels are available, then chooses its channel of operation. Next, at box 304, the device requests a DHCP address assignment from the host server 102 (FIG. 1). If the device is connected to the Internet through an Ethernet connection, then the host server will respond with a valid IP assignment, an affirmative outcome at the decision box 306. The device can then operate as a gateway, indicated at box 308. Operation as a gateway is described further below. If the node device receives no response from a DHCP server after a short timeout (e.g. 20 seconds), a negative outcome at box 306, then the node will join an existing managed network and will operate as a wireless access point. Such processing is described further below.

2. Determining Node IP Address

For operation as a managed network, whether as a gateway or as an access point, the system 100 provides a hash-based network address allocation scheme, by which the system can use multiple network uplinks and still maintain seamless client roaming with zero-configuration. As noted above with reference to FIG. 2, at startup a node will first perform connection and address allocation operations 202, 204 to be allocated a network address for communications within the managed network 110. The network 110 uses an automatic address allocation system, where all devices hash their hardware MAC address to derive their network (IP) address. These network addresses lie in an unallocated/reserved Class A address space, and each of the network gateways performs network address translation (NAT) to map their single uplink IP address to the address space of the network 100. This construction provides beneficial characteristics. First, heterogeneous network uplinks can be used within a single mesh network, because IP addresses are assigned consistently regardless of external addresses. The set of network uplinks can even change without requiring address re-allocation. Secondly, client devices can freely roam within the network (and can switch between network uplinks) without needing to renew their IP addresses. The network automatically determines which network uplink to use for a given connection, and automatically updates routing tables as clients move through a network. Thirdly, because there is no DHCP server for address allocation, there is no single source of failure for address allocation.

For example, a device configured for operation as a node in the managed network 100 will generally have a MAC address in the following format: 00:18:0A:xx:yy:zz (xx, yy, zz are hexadecimal values and are the three least significant bytes of the MAC address). The corresponding intra-mesh IP address for the node will have an address in the following format: 127:xx′:yy′:zz′ (where xx′=decimal equivalent of xx, yy′=decimal equivalent of yy, and zz′=decimal equivalent of zz). In this way, a network address for communications within the managed network 110 is allocated by performing a hash function on the MAC address of the device such that the hash function provides a hashed network address that is unique to the device and that is obtained identically each time the hash function is performed.

These considerations will be more clearly understood in conjunction with the following brief example. Imagine a mesh network with two network uplinks, a cable and a DSL modem. The cable modem's IP address is 1.1.1.1, and the DSL modem's address is 2.2.2.2. Each device in the managed network 100 has an IP address of the form 127.x.x.x, where x.x.x is a result of a 24-bit hash function over the device's MAC address (e.g. 00:11:22:33:44:55->127.13.55.212). Routers in the managed network derive addresses the same way, so the cable modem can fail or switch addresses without affecting the mesh.

Other systems are known that use a scheme in which mesh routers' IP addresses are the bottom 24-bits of their hardware MAC address. See, for example, the Roofnet project at the Massachusetts Institute of Technology. However, in such systems, client devices are assigned addresses through a DHCP server, so the client devices cannot freely roam within the network, and the lack of hash function leads to more frequent address collisions. Thus, the system of the present invention supports multiple heterogeneous uplinks.
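The two derivations discussed above, as an added example that is not code from the patent: `addr_from_low_bytes` is the 127.xx′.yy′.zz′ mapping of the three least significant MAC bytes, and `addr_from_hash` is a 24-bit hash over the whole MAC address. The text does not name the hash function, so truncated SHA-256 is an assumed stand-in, and the sample MAC addresses are constructed.

```python
import hashlib
import ipaddress
import re
from collections import defaultdict

MESH_FIRST_OCTET = 127  # first octet of the intra-mesh address space in the text
_MAC_RE = re.compile(r"(?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}")


def parse_mac(mac: str) -> bytes:
    """Return the 6 raw bytes of 'aa:bb:cc:dd:ee:ff'; reject anything else."""
    if not _MAC_RE.fullmatch(mac):
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return bytes.fromhex(mac.replace(":", ""))


def _mesh_addr(low24: int) -> ipaddress.IPv4Address:
    """Place a 24-bit value under the fixed first octet."""
    return ipaddress.IPv4Address((MESH_FIRST_OCTET << 24) | (low24 & 0xFFFFFF))


def addr_from_low_bytes(mac: str) -> ipaddress.IPv4Address:
    """Three least significant MAC bytes copied into the address."""
    return _mesh_addr(int.from_bytes(parse_mac(mac)[3:], "big"))


def addr_from_hash(mac: str) -> ipaddress.IPv4Address:
    """24-bit hash over all six MAC bytes.

    ASSUMPTION: SHA-256 truncated to 3 bytes stands in for the unnamed hash,
    so outputs will not match the 127.13.55.212 example in the text.
    """
    digest = hashlib.sha256(parse_mac(mac)).digest()
    return _mesh_addr(int.from_bytes(digest[:3], "big"))


def find_collisions(macs, derive):
    """Map each derived address claimed by more than one MAC to those MACs."""
    claimed = defaultdict(list)
    for mac in macs:
        claimed[derive(mac)].append(mac)
    return {addr: owners for addr, owners in claimed.items() if len(owners) > 1}


# Constructed sample: devices from two vendors that share the low three bytes.
SAMPLE_MACS = [
    "00:18:0A:1F:A0:07",
    "00:11:22:1F:A0:07",
    "00:18:0A:00:00:01",
]

if __name__ == "__main__":
    for mac in SAMPLE_MACS:
        print(mac, addr_from_low_bytes(mac), addr_from_hash(mac))
    print("low-byte collisions:", find_collisions(SAMPLE_MACS, addr_from_low_bytes))
    print("hash collisions:    ", find_collisions(SAMPLE_MACS, addr_from_hash))
```

Both derivations are deterministic, so a node computes the same address on every boot. A 24-bit space still admits collisions in a large enough deployment, which is why `find_collisions` is worth running over an inventory of registered MAC addresses.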

3. Node as a Gateway

After the node has received an IP address from the DHCP server at box 308 of FIG. 3, the node will operate as a gateway of the managed network 110. During operation as a gateway, the device will periodically broadcast messages with a special code to indicate that it is acting as a gateway. In the illustrated embodiment, an IS_GW (gateway) bit in an encapsulated message is set. In addition, during operation as a gateway, the device will periodically attempt to renew its DHCP lease by confirming the validity of its IP with the DHCP server (i.e., the host server). This background checking operation comprising a DHCP request is carried out as operation of a gateway of the managed network 308. If the device confirms the DHCP lease (such as by receiving a DHCP response to a DHCP request), then it continues to operate as a gateway as at box 308. If the device acting as a gateway fails to renew its DHCP lease, then the device takes down its wireless interface (that is, it ceases to operate as a gateway), and instead scans for a network to join. Ceasing operation as a gateway and joining a network are indicated by the dashed line from the box 308 to the network box 310. Additional details of gateway and network processing are described further in the related application entitled “System and Method for Hosted Network Management” (attorney docket number 026679-000300US) filed with the present application.

4. Scan Operation for Wireless Networks

As noted above, at box 302 of FIG. 3, the device performs a scan. As part of such operation, the device builds a list of surrounding wireless access points by scanning each wireless channel and aggregating responses from access points operating on each channel. If the device operates as a gateway, it will use the list to determine its channel of operation. If the device is attempting to join an existing wireless network, it will use the list to determine the best existing network and join it.

A device performs its scan by scanning each channel twice (approximately 20-40 ms per channel), and performs periodic scans at predetermined intervals (such as every 10-15 seconds) thereafter. To perform a scan request, a node broadcasts an 802.11 management probe request, with the SSID in the payload set to zero. The probe request packet has a message configuration that includes an 802.11 header, a type field for the managed network, a subtype field, an SSID field, and a bit rate field. FIG. 4 shows the configuration of a probe request packet that is produced by the node device performing a scan. In the scan request packet, the message type field is set to “management”, the subtype field is set to “probe request”, and the SSID field is set to zero. The SSID is set to zero so that any nearby access points will respond to the probe request message.

In response to the scan message, any nearby access point will provide a management probe response message as illustrated in FIG. 5. The response packet includes the 802.11 header field, a type field, a subtype field, and a message payload. The type field is set to “management” and the subtype field is set to “probe response”. The message payload includes information that identifies whether the responding device is a member of a network 100 that is being managed in accordance with the present invention. In particular, the payload will include TLV (type, length, value) elements in the probe response payload that properly configured receiving devices will recognize as indicating managed network operation. FIG. 6 shows details of the payload 602, including data fields for timestamp 604, a beacon interval 606, capability indicator 608, respondent SSID 610, FH parameter 612, DS parameter 614 that indicates the respondent's channel of operation, and a managed network information field 616. Additional data fields 618, 620, 622 are available for use, but currently are not used and are reserved for future use. Those skilled in the art will recognize that these data fields correspond to data fields of the 802.11 beacon frame message.

With the received payload information, the node devices build a list of access points that make up the mesh network 110. A node device builds a list of nearby access points with an identifier corresponding to the network as a result of its wireless scans on each channel. FIG. 7 shows details of the Managed Network Information field 616 in the response payload 602. The “Managed Network” refers to the mesh network devices 110 that together with the host 102 form the managed network 100 as described herein. The fields in FIG. 7 include a Vendor OUI field 704 that corresponds to the Organizationally Unique Identifier of the host. In the system described herein, the vendor OUI field is set to 00:18:0A, which is the OUI for Meraki Networks, Inc., the assignee of the present invention. The SNR field 706 contains data for the signal-to-noise ratio as observed and measured by the respondent. The flags field 708 includes at least two flag values, comprising an IS_GW flag that, if set to a non-zero value, indicates that the respondent node is a gateway of the managed network, and an IS_MERAKI flag that, if set to a non-zero value, indicates that the respondent is a node in a network that is managed in accordance with the invention. It should be apparent that all gateways of the managed network are also nodes of the managed network, but not all nodes are gateways.

The gateway metric field 710 is a performance heuristic or metric for a respondent node. For example, the gateway metric may comprise a one-byte value indicating the estimated transmission time from the sender to the respondent node. A responding node may derive the estimated transmission time by sending message packets at regular intervals, such as every few minutes, and checking for packet loss at the receiving node. The responding node can then calculate an expected time for successful packet transmission to the destination, based on the experienced packet loss. Those skilled in the art will be aware of other useful gateway metrics and techniques for calculation.

Using the payload information 606, the node maintains the access point list with the following properties for each neighboring access point: MAC Address; SSID; SNR in both directions (e.g. when a node A issues a probe request received by node B, the node B includes the A-to-B SNR in its probe response, and when node A receives node B's probe response, node A will also know the B-to-A SNR); the IS_GW value, the IS_MERAKI value, and the gateway metric value.

5. Joining an Existing Network

As noted above in connection with FIG. 3, a node may not have an Ethernet connection to the Internet, and then the node will not be able to operate as a gateway. In the managed network 100, if at any time a node does not operate as a gateway, the node will use the list of available access points that it maintains from its scans to choose the network with the best performance heuristic and will join it. To determine the network to join, the node will: (1) filter the list of access points based on a threshold Signal-to-Noise ratio; (2) sort the filtered list of access points by Gateway metric; (3) choose the operating channel (e.g. the channel of the access point with the best Gateway metric); (4) join the mesh network by operating on the selected channel, and broadcast the node's own SSID to find its neighbors.
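The scan list and steps (1) to (3) of the join procedure, as an added example that is not code from the patent. The element IDs (0 for SSID, 3 for the DS parameter, 221 for a vendor-specific element) and the 12-byte fixed header are standard 802.11; the byte layout of the managed network information field, the flag bit positions, the reading of a lower gateway metric as better, and all sample frames are assumptions made here, since FIG. 7 is not reproduced on the page.

```python
import struct
from dataclasses import dataclass

VENDOR_OUI = bytes.fromhex("00180A")         # vendor OUI given in the text
IE_SSID, IE_DS_PARAM, IE_VENDOR = 0, 3, 221  # standard 802.11 element IDs
FLAG_IS_GW, FLAG_IS_MERAKI = 0x01, 0x02      # ASSUMED bit positions
FIXED_LEN = 12  # timestamp (8) + beacon interval (2) + capability (2)


@dataclass
class Neighbor:
    mac: str
    ssid: str
    channel: int
    snr_out: int     # our probe as heard by the respondent (carried in its reply)
    snr_in: int      # the reply as measured locally
    is_gw: bool
    gw_metric: int   # ASSUMED: lower means shorter estimated transmission time


def iter_elements(body: bytes):
    """Yield (element_id, value) pairs; reject a length that overruns the buffer."""
    off = 0
    while off < len(body):
        if off + 2 > len(body):
            raise ValueError("dangling element header")
        eid, length = body[off], body[off + 1]
        end = off + 2 + length
        if end > len(body):
            raise ValueError("element length exceeds payload")
        yield eid, body[off + 2:end]
        off = end


def parse_probe_response(mac: str, payload: bytes, snr_in: int):
    """Return a Neighbor for a managed-network respondent, else None."""
    if len(payload) < FIXED_LEN:
        return None
    ssid, channel, info = "", None, None
    try:
        for eid, val in iter_elements(payload[FIXED_LEN:]):
            if eid == IE_SSID:
                ssid = val.decode("utf-8", "replace")
            elif eid == IE_DS_PARAM and len(val) == 1:
                channel = val[0]
            elif eid == IE_VENDOR and len(val) == 6 and val[:3] == VENDOR_OUI:
                info = val[3:]  # ASSUMED layout: SNR, flags, gateway metric
    except ValueError:
        return None  # malformed frame: drop it rather than guess
    if channel is None or info is None:
        return None
    snr_out, flags, metric = info
    if not flags & FLAG_IS_MERAKI:
        return None
    return Neighbor(mac, ssid, channel, snr_out, snr_in,
                    bool(flags & FLAG_IS_GW), metric)


def choose_network(neighbors, snr_threshold: int):
    """Steps (1)-(3): SNR filter, sort by gateway metric, take the best entry."""
    usable = [n for n in neighbors
              if min(n.snr_in, n.snr_out) >= snr_threshold]
    usable.sort(key=lambda n: n.gw_metric)
    return usable[0] if usable else None


def build_payload(ssid: str, channel: int, snr: int, flags: int, metric: int,
                  oui: bytes = VENDOR_OUI) -> bytes:
    """Construct a sample probe response payload (test data only)."""
    name = ssid.encode()
    return (struct.pack("<QHH", 0, 100, 0)
            + bytes([IE_SSID, len(name)]) + name
            + bytes([IE_DS_PARAM, 1, channel])
            + bytes([IE_VENDOR, 6]) + oui + bytes([snr, flags, metric]))


def constructed_scan():
    """Constructed scan results: (MAC, payload, locally measured SNR)."""
    both = FLAG_IS_GW | FLAG_IS_MERAKI
    return [
        ("00:18:0A:00:00:01", build_payload("mesh-a", 1, 30, both, 40), 28),
        ("00:18:0A:00:00:02", build_payload("mesh-b", 6, 25, FLAG_IS_MERAKI, 12), 22),
        ("00:18:0A:00:00:03", build_payload("mesh-c", 11, 5, both, 3), 6),  # weak link
        ("00:11:22:00:00:04", build_payload("other", 6, 30, both, 1,
                                            oui=b"\x00\x11\x22"), 30),      # other vendor
        ("00:18:0A:00:00:05", build_payload("mesh-e", 1, 30, both, 2)[:-2], 30),  # truncated
    ]


def scan_and_choose(snr_threshold: int = 15):
    found = [parse_probe_response(m, p, s) for m, p, s in constructed_scan()]
    neighbors = [n for n in found if n is not None]
    return neighbors, choose_network(neighbors, snr_threshold)


if __name__ == "__main__":
    print(scan_and_choose()[1])
```

Probe responses arrive from any transmitter in range, so the parser treats them as untrusted input: a truncated element or an unexpected field length causes the frame to be dropped instead of read past its end.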

In accordance with the invention, the network host 102 provides management tools to assist a network owner 112. The network owner can access the management tools from any network connection that supports communication with the host 102. For example, the network owner can access the management tools through any Internet connection. In the illustrated embodiment, the management tools are provided through a user interface that is accessed through a conventional Web browser. That is, the management tools can be accessed through a Web portal such that the network owner can provide identification information such as user name and password for authentication. The Web portal then permits selection of the various management tools through which the network owner manages the mesh network 110. A variety of management tools can be provided, such as described next.

FIG. 8 is a screenshot representation of a management tool comprising a configuration page produced by the host 102. The network owner can use the configuration page after a login process with a Web portal of the host, using a conventional Web browser. The configuration page permits the network owner to enter configuration information and settings for the mesh network 110 that will be controlled and managed by the network owner. The FIG. 8 screenshot shows that various display pages can be selected via tabs corresponding to configure, access control, splash page, alerts, and any blocked user (client) devices. The configuration page enables the network owner to provide the network name by which the network owner is known to the host, along with the network SSID information. The channel operation can also be provided. Any desired network passwords for client devices may be specified through access control inputs, if the managed network will not be operated as an open network but rather as a closed network. In the case of a closed network, each node will operate so as to block client devices from using the managed network unless appropriate login information is received that matches the access control information entered by the network owner through the configuration page of FIG. 8.

A variety of hardware configurations can be used for the devices described above. For example, conventional server and desktop computers can be used for the server host 102. In the illustrated embodiment, the server operates the Linux operating system. Other details of construction and operation will occur to those skilled in the art in view of the description herein. The nodes 106 can comprise routers, wireless access points, and suitably configured computer devices that might otherwise comprise clients 108 in the managed network. In the illustrated embodiment described herein, the nodes that process network traffic are specified as operating with the Linux operating system. Those skilled in the art will appreciate that a wide variety of device operating systems other than Linux can provide a suitable environment for execution of the operations described herein. Thus, any computer device that can perform the operations described herein can be utilized in a managed network system constructed in accordance with the invention.

Although the network communications have been described above in accordance with the Internet protocol (IP), it should be understood that a wide variety of network communication protocols can be accommodated in accordance with the invention. The operations described herein for the gateways routers 106 and client devices 108 can be performed by device firmware or by application software installed on the respective devices. All of the devices capable of network communications will include any necessary network interface components, as will be known to those skilled in the art. The programming such as firmware and application software for the operations described herein can be installed through conventional manufacturing and production processes and through typical program installation techniques for computer devices. For example, the programming can be installed from program media containing machine instructions that can be read from media such as CD or DVD optical disc devices such that when the instructions are executed by the computer device they will cause operation in accordance with the techniques described herein. Other sources of such programming include external program sources such as memory chips, floppy disks, thumb drives, flash memory, and the like that are received into reader devices such that the program instructions can be installed.

The present invention has been described above in terms of presently preferred embodiments so that an understanding of the present invention can be conveyed. There are, however, many configurations for network devices and management systems not specifically described herein but with which the present invention is applicable. The present invention should therefore not be seen as limited to the particular embodiments described herein, but rather, it should be understood that the present invention has wide applicability with respect to network devices and management systems generally. All modifications, variations, or equivalent arrangements and implementations that are within the scope of the attached claims should therefore be considered within the scope of the invention.

1. A method of operating a device for communication over a managed network using a network communication protocol, the method comprising: allocating an internal network address for the device for communications within a managed network; determining if the device will operate as a gateway of the managed network; obtaining a network address for communication with external devices outside of the managed network in response to determining that the device will operate as a gateway; scanning for neighbor devices operating in the managed network and maintaining a database of neighbor devices located in the scanning; selecting a managed network to join based on the database of neighbor devices in response to determining that the device will operate as a node.
2. The method as defined in claim 1, wherein allocating an internal network address comprises performing a hash function on a MAC address value of the device, wherein the hash function provides a hashed network address that is unique to the device and that is obtained identically each time the hash function is performed.
3. The method as defined in claim 2, wherein the hashing function operates on the three least significant bytes of the device MAC address.
4. The method as defined in claim 1, wherein scanning for neighbor devices comprises: broadcasting a network management probe request message with SSID equal to zero; processing each response to the request message to determine information related to the responding device; maintaining a database of the responding device information that includes channel of operation for the responding device, responding device MAC address, SSID, signal-to-noise information for communications to and from the responding device, a gateway indicator, a managed network indicator, and a gateway metric value.
5. The method as defined in claim 4, wherein selecting a managed network to join comprises: determining responding devices of the database that have a signal-to-noise ratio value that is greater than a threshold value to produce a filtered list; identifying the responding device of the filtered list with the greatest gateway metric value; operating on the channel associated with the identified responding device having the greatest gateway metric value, thereby joining the network of the identified responding device.
6. A method of operating a device for communication using a network communication protocol, the method comprising: performing a hash function on a MAC address value of the device, wherein the hash function provides a hashed network address that is unique to the device and that is obtained identically each time the hash function is performed, such that the hash function operates on the three least significant bytes of the device MAC address and the hashed network address comprises an internal network address that is allocated for the device for communications within a managed network; determining if the device will operate as a gateway of the managed network; obtaining a network address for communication with external devices outside of the managed network in response to determining that the device will operate as a gateway; scanning for neighbor devices operating in the managed network and maintaining a database of neighbor devices located in the scanning, wherein scanning comprises broadcasting a network management probe request message with SSID equal to zero, processing each response to the request message to determine information related to the responding device, maintaining a database of the responding device information that includes channel of operation for the responding device, responding device MAC address, SSID, signal-to-noise information for communications to and from the responding device, a gateway indicator, a managed network indicator, and a gateway metric value, and selecting a managed network to join based on the database of neighbor devices in response to determining that the device will operate as a node; and selecting a managed network to join in response to determining that the device will operate as a node, in accordance with the database of neighbor devices, and by determining responding devices of the database that have a signal-to-noise ratio value that is greater than a threshold value to produce a filtered list, identifying the responding device of the filtered list with the greatest gateway metric value, and operating on the channel associated with the identified responding device having the greatest gateway metric value, thereby joining the network of the identified responding device.
7. A network access device for communication over a managed network using a network communication protocol, the network access device comprising: a network interface for communications using the network communication protocol; a processor that allocates an internal network address for communications within a managed network, determines if the network access device will operate as a gateway of the managed network and obtains a network address for communication with external devices outside of the managed network in response to determining that the device will operate as a gateway, scans for neighbor devices operating in the managed network and maintaining a database of neighbor devices located in the scanning, and selects a managed network to join based on the database of neighbor devices in response to determining that the device will operate as a node.
8. The network access device as defined in claim 7, wherein the device allocates an internal network address by performing a hash function on a MAC address value of the device, wherein the hash function provides a hashed network address that is unique to the device and that is obtained identically each time the hash function is performed.
9. The network access device as defined in claim 8, wherein the hashing function operates on the three least significant bytes of the device MAC address.
10. The network access device as defined in claim 7, wherein the device scans for neighbor devices by broadcasting a network management probe request message with SSID equal to zero, processing each response to the request message to determine information related to the responding device, and maintaining a database of the responding device information that includes channel of operation for the responding device, responding device MAC address, SSID, signal-to-noise information for communications to and from the responding device, a gateway indicator, a managed network indicator, and a gateway metric value.
11. The network access device as defined in claim 10, wherein the device selects a managed network to join by determining responding devices of the database that have a signal-to-noise ratio value that is greater than a threshold value to produce a filtered list, identifying the responding device of the filtered list with the greatest gateway metric value, and operating on the channel associated with the identified responding device having the greatest gateway metric value, thereby joining the network of the identified responding device.
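
The address derivation of claims 2, 3, 8 and 9 and the neighbor selection of claims 5 and 11 can be sketched as follows; this is an added illustration, not code from the application. The 10.0.0.0/8 prefix, the identity mapping used as the hash, the field names, the managed-network filter and the sample values are all assumptions. It also reports MAC addresses that share their three least significant bytes, since any function of only those bytes gives such devices the same internal address.

```python
import ipaddress
from dataclasses import dataclass

# Assumption: internal addresses live in 10.0.0.0/8; the page names no prefix.
PREFIX = int(ipaddress.IPv4Address("10.0.0.0"))

def internal_address(mac):
    """Map the three least significant MAC bytes to a repeatable address.
    Assumption: the 'hash' is the identity on those 24 bits."""
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return ipaddress.IPv4Address(PREFIX | int.from_bytes(octets[3:], "big"))

def address_collisions(macs):
    """Group MACs that share an internal address (same low three bytes)."""
    seen = {}
    for mac in macs:
        seen.setdefault(internal_address(mac), []).append(mac)
    return {a: g for a, g in seen.items() if len(g) > 1}

@dataclass
class Neighbor:  # one row of the scan database of claims 4 and 10
    mac: str
    ssid: str
    channel: int
    snr: float
    is_gateway: bool
    is_managed: bool
    gateway_metric: float

def select_neighbor(db, snr_threshold):
    """Filter on SNR above the threshold, then take the greatest gateway metric."""
    # Assumption: rows not flagged as a managed network are skipped.
    usable = [n for n in db if n.is_managed and n.snr > snr_threshold]
    return max(usable, key=lambda n: n.gateway_metric) if usable else None

# Constructed sample data (locally administered MACs), not taken from the page.
NEIGHBORS = [
    Neighbor("02:00:00:01:02:03", "mesh-a", 1, 28.0, True, True, 0.90),
    Neighbor("02:00:00:0a:0b:0c", "mesh-a", 6, 9.0, False, True, 0.99),
    Neighbor("02:00:00:11:22:33", "mesh-b", 11, 21.0, False, True, 0.75),
    Neighbor("02:00:00:44:55:66", "other", 6, 30.0, False, False, 0.95),
]
MACS = ["02:00:00:01:02:03", "06:00:00:01:02:03", "02:00:00:0a:0b:0c"]

if __name__ == "__main__":
    print(select_neighbor(NEIGHBORS, 15.0))
    print(address_collisions(MACS))
```

With the sample data, the neighbor with the highest gateway metric is excluded because its signal-to-noise ratio falls below the threshold, so the device joins on channel 1.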